The Department of Computer Science at the Florida State University invites applications for multiple tenure-track Assistant Professor positions to begin August 2014. Positions are 9-mo, full-time, tenure-track, and benefits eligible. Outstanding applicants with strengths in the areas of Big Data and Cyber Security are particularly encouraged to apply. Outstanding applicants specializing in other emerging research areas are also welcome to apply. Applicants should hold a PhD in Computer Science or closely related field, and have excellent research and teaching accomplishments or potential. The department offers degrees at the BS, MS, and PhD levels. The department is an NSA/DHS Center of Academic Excellence in Information Assurance Education (CAE-IAE) and Research (CAE-R).

FSU is classified as a Carnegie Research I university. Its primary role is to serve as a center for advanced graduate and professional studies while emphasizing research and providing excellence in undergraduate education.

Screening will begin January 1, 2014 and will continue until the position is filled. Please apply online with curriculum vitae, statements of teaching and research philosophy, and the names of five references, at

I am looking for a few excellent Ph.D. candidates (preferably with proven research capabilities) and post-docs in cryptography (mostly cryptanalysis of symmetric-key primitives), privacy (privacy of biometric databases/schemes) and computer security.

An MSc position in the area of cryptography in the Cryptography and Data Security Group at the Department of Mathematics, Informatics and Mechanics at University of Warsaw is available. The position is supported by the EU FNP Welcome Grant "Cryptographic Protocols Provably-Secure Against Physical Attacks". This project is about the design of cryptographic schemes that are provably-secure against physical attacks, such as side-channel leakages, tampering, or malware intrusion. We offer excellent networking and training opportunities, including participation in international workshops and conferences.

Job profile: All candidates with background in theoretical computer science and mathematics are encouraged to apply and will be carefully considered. Knowledge of Polish is not required, but a good knowledge of English is essential.

Successful candidates can start from 10.2013. Funding is available until 5.2015 (extensions are possible depending on the funding availability)

A PhD position in the area of cryptography in the Cryptography and Data Security Group at the Department of Mathematics, Informatics and Mechanics at University of Warsaw is available. The position is supported by the EU FNP Welcome Grant "Cryptographic Protocols Provably-Secure Against Physical Attacks". This project is about the design of cryptographic schemes that are provably-secure against physical attacks, such as side-channel leakages, tampering, or malware intrusion. We offer excellent networking and training opportunities, including participation in international workshops and conferences.

All candidates with background in theoretical computer science and mathematics are encouraged to apply and will be carefully considered. Knowledge of Polish is not required, but a good knowledge of English is essential.

Successful candidates can start from 10.2013. Funding is available until 5.2015 (extensions are possible depending on the funding availability)

A post-doc position in the area of cryptography in the Cryptography and Data Security Group at the Department of Mathematics, Informatics and Mechanics at University of Warsaw is available. The position is supported by the EU FNP Welcome Grant "Cryptographic Protocols Provably-Secure Against Physical Attacks". This project is about the design of cryptographic schemes that are provably-secure against physical attacks, such as side-channel leakages, tampering, or malware intrusion. We offer excellent networking and training opportunities, including participation in international workshops and conferences.

All candidates with PhD in cryptography are encouraged to apply and will be carefully considered. Knowledge of Polish is not required, but a good knowledge of English is essential.

Successful candidates can start from 10.2013. Funding is available until 5.2015 (extensions are possible depending on the funding availability)

We introduce EyeDecrypt, a novel technology for privacy-preserving human-computer interaction. EyeDecrypt allows only authorized users to decipher data shown on a public display, such as an electronic screen or printed material; in the former case, the authorized user can then interact with the system (e.g., by pressing buttons), without revealing the details of the interaction to others who may be watching.

The user views data on a closely-held personal device, such as a pair of smart glasses with a camera and heads-up display, or a smartphone. The decrypted data is displayed as an image overlay on the personal device--a form of augmented reality. The user's inputs are protected through randomization.

EyeDecrypt consists of three main components: a visualizable encryption scheme; a dataglyph-based visual encoding scheme for the ciphertexts generated by the encryption scheme; and a randomized input and augmented reality scheme that protects user inputs without harming usability. We describe all aspects of EyeDecrypt, from security definitions, constructions and formal analysis, to implementation details of a prototype developed on a smartphone.

Cryptanalytic time memory tradeoff is a tool for inverting one-way functions, and the rainbow table method, the best-known tradeoff algorithm, is widely used to recover passwords. Even though extensive research has been performed on the rainbow tradeoff, the algorithm actually used in practice differs from the well-studied original algorithm. This work provides a full analysis of the rainbow tradeoff algorithm that is used in practice. Unlike existing works on the rainbow tradeoff, the analysis is done in the external memory model, so that the practically important issue of table loading time is taken into account. As a result, we are able to provide tradeoff parameters that optimize the wall-clock time.

In 2009 and 2011, Toorani and Falahati introduced two variants of the classical Hill Cipher, together with protocols for the exchange of encrypted messages. The designers claim that the new systems overcome the weaknesses of the original Hill Cipher, and are resistant to any ciphertext-only, known-plaintext, chosen-plaintext, or chosen-ciphertext attack. However, we describe a chosen-plaintext attack that easily breaks both Toorani-Falahati Hill Ciphers, and we present computational results that confirm the effectiveness of our attack.

Adaptive security is a strong security notion that captures additional security threats that are not addressed by static corruptions. For instance, it captures scenarios in which the attacker chooses which party to corrupt based on the protocol communication. It further captures real-world scenarios where "hackers" actively break into computers, possibly while they are executing secure protocols. Studying this setting is interesting from both theoretical and practical points of view. The former is because the theoretical understanding of this setting is not yet profound and important questions are still unresolved; a notable example is the question regarding the feasibility of constant round adaptively secure protocols. From a practical viewpoint, generic adaptively secure protocols are far more complicated and less efficient than static protocols.

A primary building block in designing adaptively secure protocols is a non-committing encryption or NCE that implements secure communication channels in the presence of adaptive corruptions. Current NCE constructions require a number of public key operations that grows linearly with the length of the message. Furthermore, general two-party protocols require a number of NCE calls that is linear in the circuit size (or otherwise the protocol is not round efficient). As a result the number of public key operations is inflated and depends on the circuit size as well.

In this paper we study the two-party setting in which at most one of the parties is adaptively corrupted, which we believe is the right security notion in the two-party setting. We study the feasibility of (1) NCE with a constant number of public key operations for any message space, (2) oblivious transfer with a constant number of public key operations for any sender's input space, and (3) constant round secure computation protocols with a number of NCE calls, and an overall number of public key operations, that are independent of the circuit size. Our study demonstrates that such primitives indeed exist in the presence of single corruptions, while this is not the case for fully adaptive security (where both parties may get corrupted).